PhD Oral Exam Presentation

Presentation transcript:

Cloud Forensics
Haitham Ennajah
PhD Oral Exam Presentation
4/17/2018 5:18 PM

Outline of the Talk
- Overview of Digital Forensics
- Challenges and Procedures in Digital Forensics
- Challenges and Difficulties in Cloud Forensics
- Techniques and Tools for Cloud Forensics
- Potential Research Topics in Cloud Forensics
12/19/2013 Cloud Forensics/Haitham Ennajah

Motivation
- Cloud computing changes IT infrastructure and promises simplicity, scalability, and cost reduction.
- Widespread use of SaaS, PaaS, and IaaS → crimes and abuses in the cloud increase.
- Prosecuting crimes in the cloud requires preserving the evidence properly.
- http://csrc.nist.gov/publications/nistpubs/800-86/SP800-86.pdf

Digital Forensics
- Forensic science: the application of science to the law
- Digital forensics, also known as computer and network forensics
- “Digital Forensics is the application of science to the identification, examination, collection, and analysis of data while preserving the information and maintaining a strict chain of custody for the data.”
  NIST 2006 – Guide to Integrating Forensic Techniques into Incident Response, Special Publication 800-86

Traditional Computer Forensics
- Deals with acquiring evidence from a PC, laptop, or handheld device.
- A process of analyzing digital data while preserving its integrity so that it is admissible in a court of law.
- Collection and preservation of seized media at the crime scene
- Validation, analysis, interpretation, documentation and courtroom presentation of the examination results.

Challenges with Digital Evidence
Digital evidence is any information of probative value which is stored or transmitted in a digital form [SWGDE99]
Its challenges:
- The quantity of potential evidence
- Easy contamination
- The number of suspects
- Authenticity and integrity
- Reliability
- Completeness
- Convincingness (to juries)
- Admissibility

Digital Forensics Procedure
Citation

Cloud Forensics (CF)
A cross discipline of cloud computing and digital forensics

Security Issues in Cloud Computing
- The loss of governance
- Lock-in
- Data Protection
- Insecure or incomplete data deletion

Ensure Cloud Security
- Service Level Agreement (SLA)
- Multi-Location Issues?
<expand this>

Cloud Forensics Challenges
- E-discovery dilemma: How to protect co-located data?
- Data from different sources can occupy the same sections within the storage media
- Criminals use anonymous communication systems such as Tor and Anonymizer, which were originally designed to protect network users from identity theft and profiling.

Hacking Tor/Anonymizer
<Include diagram of these two systems and provide brief discussion how to hack Tor/Anonymizer to discover the real identity of the criminals>

Technical Challenges in CF
- Potential loss of data during the imaging process for different reasons, such as shutting down a virtualized server, which causes parallel or unrelated services to be interrupted.
- Lack of access to network routers, load balancers and other networking components
- Challenges in accessibility of logs and in log analysis of cloud applications
- Consolidation and consistency of logs
- Malicious insider
- Data deletion
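Added example (not part of the original slides): a sketch of what "consolidation and consistency of logs" involves when sources use different time formats and clocks. The three log formats, source names and sample lines are constructed for illustration; the code normalizes everything to UTC, merges it into one timeline, and flags timestamps that run backwards within a source or that contradict each other across sources for the same request ID.

```python
from datetime import datetime, timezone

# Constructed sample lines from three hypothetical log sources.
HYPERVISOR = ["2024-03-01T10:00:05Z vm-17 snapshot started",
              "2024-03-01T10:00:01Z vm-17 console login"]  # out of order
LOAD_BALANCER = ["01/Mar/2024:11:00:03 +0100 req=abc GET /admin"]
APP = ["1709287200 req=abc handler=/admin status=200"]  # epoch seconds

def parse_hypervisor(line):
    ts, msg = line.split(" ", 1)
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc), msg

def parse_lb(line):
    # 26 characters of "dd/Mon/yyyy:HH:MM:SS +zzzz", then a space, then the message
    ts = datetime.strptime(line[:26], "%d/%b/%Y:%H:%M:%S %z")
    return ts.astimezone(timezone.utc), line[27:]

def parse_app(line):
    ts, msg = line.split(" ", 1)
    return datetime.fromtimestamp(int(ts), tz=timezone.utc), msg

SOURCES = [("hypervisor", HYPERVISOR, parse_hypervisor),
           ("lb", LOAD_BALANCER, parse_lb),
           ("app", APP, parse_app)]

def consolidate(sources):
    """Merge all sources into one UTC-ordered timeline; warn on backward clocks."""
    timeline, warnings = [], []
    for name, lines, parser in sources:
        prev = None
        for line in lines:
            ts, msg = parser(line)
            if prev is not None and ts < prev:
                warnings.append(f"{name}: timestamp goes backwards at {ts.isoformat()}")
            prev = ts
            timeline.append((ts, name, msg))
    return sorted(timeline, key=lambda e: e[0]), warnings

def ordering_conflicts(timeline, first, second):
    """Seconds by which `second` logged a request before `first`, per request ID."""
    seen = {}
    for ts, name, msg in timeline:
        for tok in msg.split():
            if tok.startswith("req="):
                seen.setdefault(tok, {})[name] = ts
    return {req: (t[first] - t[second]).total_seconds() for req, t in seen.items()
            if first in t and second in t and t[second] < t[first]}
```

In the sample, the application logs request abc three seconds before the load balancer that forwarded it, which points to clock skew between the two hosts and has to be documented before the merged timeline is relied on.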

Technical Dimension of CF
Encompasses the procedures and tools that are needed to perform the forensic process in the cloud
- Forensic data collection.
- Elastic, static and live forensics.
- Evidence segregation.
- Investigations in virtualized environments.
- Pro-active preparations.

Challenges during Investigation
- Discovery of Computational Structure.
- Attribution of Data.
- Semantic Integrity.
- Stability of Evidence.
- Presentation and Visualization of Evidence.
- Cross-Jurisdictional Aspects.
There are so many challenges in this presentation. Can they be classified more clearly?

Tools for Cloud Forensics
- E-Discovery by AccessData.
- E-Discovery by EnCase.
- OWADE - Offline Windows Analysis and Data Extraction from Stanford
<Compare/Evaluate their features in table form>

Chain of Dependencies
- Cloud providers and most cloud applications often have dependencies on other cloud providers
- Investigation may depend on one of the links in the chain, and on the level of complexity of the dependencies
- Facilitate communication/collaboration through organization policies and SLAs

Mobile Cloud Forensics [Zhu 2011]
- Current forensic tools and methodologies, when used on some smartphones:
  - could not extract data from cloud-storage-based applications such as Dropbox
  - have difficulties extracting cloud-based emails such as Gmail
- Cloud-based emails can only be extracted if the phone is jailbroken or has root access.
- The cloud service provider can collect the emails, but the integrity of the data would not be 100%

CF Opportunities
- Cost Effectiveness.
- Data Abundance.
- Overall Robustness.
- Scalability and Flexibility.
- Policies and Standards.
- Forensics as a Service

Proposed Research Directions
- List things you propose to do.
- Ask for feedback.